OverviewObjectiveLearn how to use access levels and user levels to restrictor allow access of content to a user..Requirements Installed version of ProdigyView with database Understanding of how to create a user Understanding of how to create user rolesEstimated Time12 Minutes www.prodigyview.com
Follow Along With Code Example1. Download a copy of the example code at www.prodigyview.com/source.2. Install the system in an environment you feel comfortable testing in.3. Proceed to examples/security/Roles_Access.php
Roles and Access LevelsProdigyView implements a dual verification for checking if a userhas the required security clearance to access an area.Access LevelAccess levels is the least complicated way of verifying if a user hasthe required permission. Access levels are numbers and if a user isbelow a certain number, access is denied.RolesRoles are a little more complicated but create a more robustverification. A user can have multiple roles and anyone of thoseroles can allow access to an area.Also remember access level and roles can be combined. www.prodigyview.com
Creating A RoleOne major difference between access levels and roles isaccess level do not have to be created but only assigned toa user. Roles on the other hand have to be created. Let’stake a moment to create a role or two. www.prodigyview.com
Users with Permissions Ok great, we have our user roles. Now let’s create a user with an access level and a role. They are both easily defines in the arguments that are used to create a user. Lets gives them an access level of 2 and the role of ‘Administrator’.1. Assign the user an access level 2. Assign the user a role 3. Create the user
Checking Access LevelSo in our example we created a user with the access level of 2.Access level is numeric verification where the number assignedto the user must be greater an or equal too the number we arechecking against. Let’s put that to the test. 1. The id of the user 2. The numeric level to check against 3. Check with method checkUserAccessLevel www.prodigyview.com
And the results are...And looks like the results hold true. I want to take a moment to explainsomething for viewers who might not know the ? : syntax we will beusing. Whenever you come across an expression like:$value = (exp1) ? exp2 : exp3;This actually means if the value from expression 1 is true, the displaycontents from expression 2. If value from expression 1 is false, thendisplay expression 3. We will use this a lot.
User Role ChecksNow we are going to the roles by using thePVSecurity::checkUserRole() method. The roles passed caneither be the id of the role or the actual name of the role. Andwhen roles are passed through the method they can either beas a single value or in an array. Let’s take a look. 1. Id of the user 2. Name of the role 3. Add the roles in an array to check
Role Check ResultsThe role check results should look like the above.According to the role we added in ourexample, ‘Administrator’ those results are correct. www.prodigyview.com
Adding a role and checkingFor a final test, let’s add a role to the user and then check.With the code below, the user will now have access toosuper administrator roles. www.prodigyview.com
Challenge!This optional challenge is designed to help you betterunderstand ProdigyView.Now that you have an understanding of Access Levelsand User Roles, write a script that will block a user unlessboth the access level and user role requirements are met.Also find a way to update the user’s access level. www.prodigyview.com
Summary1. Check the user’s access level by using the method: PVSecurity::checkUserAccessLevel()2. Check the user’s role by using the method: PVSecurity::checkUserRole() www.prodigyview.com
API ReferenceFor a better understanding of access levels and role accessin ProdigyView, visit the api by clicking on the link below.PVSecurity More Tutorials For more tutorials, please visit: http://www.prodigyview.com/tutorials www.prodigyview.com
A particular slide catching your eye?
Clipping is a handy way to collect important slides you want to go back to later.